Web Application Security Consortium - Web hacking Incidents Database (WHID)

Contributors

Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security ) [Project Leader]

The Web Hacking Incidents Database
Last update:07 November 2007

Incident WHID 2007-45

Full List
By Class
By ID

1999
2000
2001
2002
2003
2004
2005
2006
2007

RSS
Statistics
Blog
FAQ
About

WHID

WHID 2007-45: XSS flaw makes PM say: "I want to suck your blood"

Date: 09 October 2007
Incident Type: Security Breach
WASC Threat Classification: Cross-site Scripting

Using XSS on the sites of both Australian major political parties a security researcher nicknamed Bsoric caused the Liberal Party's Web site to read: "John Howard says: I want to suck your blood", while another script caused a window to pop up on the Labor Party's Web site, urging viewers to "Vote Liberal!"

References:

XSS flaw makes PM say: "I want to suck your blood" [Builder.AU]

This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.